Recently I installed a new PHPNuke site. For some reason, and only on Internet Explorer, I've had 2 friends complain that they're getting a "JS/Downloader Agent" virus detection.

I did some reading and found that it's caused by Java Script. But, how could my new website be holding this script? It doesn't make sense to me. I do have one flash animation clock on my site. Could that be causing it?

I've researched and researched. My feeling is that this virus detection is triggering incorrectly. Could my speculation be true?

Here's my site. Tell me what you're getting. Would love some idea how to handle this:

Couldn't you scan the flash clock files with an antivirus program to either confirm or eliminate it as the culprit?

Is your site patched? Do you have Nuke Sentinel installed? I wouldn't be operating a Nuke site without those two things. You should examine your site logs, especially ftp. When I work on other people's sites, I see most of them have anonymous ftp turned on. I'd make sure it was turned off. I would also review all the files on the server and check the dates to see if anything has been added since your last update.

I recently worked on a site where someone was able to add document write code to the bottom of every .php and .html file on the server. I have no idea how they did it.

I wish I could just deal with content on my sites, but unfortunately there are so many sad (or just plain mean) people in the world who don't have a life, so they mess with other people's websites all day and night. That's why you have to examine your logs every day and see who's attempting malicious activity on your site - and then try and block them.

When I examine my logs, I see where everyday somebody has attempted to hack or spam me, but so far Nuke Sentinel has stopped 'em cold.

Couldn't you scan the flash clock files with an antivirus program to either confirm or eliminate it as the culprit?

Is your site patched? Do you have Nuke Sentinel installed? I wouldn't be operating a Nuke site without those two things. You should examine your site logs, especially ftp. When I work on other people's sites, I see most of them have anonymous ftp turned on. I'd make sure it was turned off. I would also review all the files on the server and check the dates to see if anything has been added since your last update.

I recently worked on a site where someone was able to add document write code to the bottom of every .php and .html file on the server. I have no idea how they did it.

I wish I could just deal with content on my sites, but unfortunately there are so many sad (or just plain mean) people in the world who don't have a life, so they mess with other people's websites all day and night. That's why you have to examine your logs every day and see who's attempting malicious activity on your site - and then try and block them.

When I examine my logs, I see where everyday somebody has attempted to hack or spam me, but so far Nuke Sentinel has stopped 'em cold.

Great advice. Thanks for pointing me in the right direction. I'm really torn up over this simply because it's one thing to hack the site and shut it down, it's a whole other thing to add a virus that affects those who visit.

I did have my service provider run a virus scan on the site. He ran two, and it came up clean. Apparently, Internet Explorer (the latest version) recognizes certain types of flash as a POTENTIAL security issue, but not an actual virus.